Software Distributor Administrator Guide (September 2010)

9.1.3 Modifying Target Systems
9.2 The swacl Command
9.2.1 swacl Output
9.3 Basic Security Tasks
9.3.1 Listing User Access
9.3.2 Allowing Users to Manage Products in a Depot
9.3.3 Allowing Users to Manage Roots (Install/Remove)
9.3.4 Restricting Access to Depots
9.3.5 Adding Target Hosts
9.3.6 Temporarily Restricting Access
9.3.7 Closing the SD-UX Network
9.3.8 Editing an ACL
9.4 How ACLs are Matched to the User
9.5 ACL Entries
9.5.1 ACL Keys
9.5.2 ACL Permissions
9.5.3 Object Protection
9.5.3.1 Host System ACLs
9.5.3.2 Root ACLs
9.5.3.3 Depot ACLs
9.5.3.4 Product ACLs
9.5.4 ACL Templates
9.5.4.1 Default ACL Template Entries
9.5.4.1.1 Container ACL Template
9.5.4.1.2 Product ACL Template
9.6 Security on SD-UX Systems
9.7 SD-UX Internal Authentication
9.7.1 SD-UX Credentials
9.7.1.1 Controllers Run with the User’s Credentials and Privileges
9.7.1.2 Agents Run with the System’s Identity
9.7.2 Security Between Hosts: The Shared Secrets File
9.8 RPC Authorization
9.8.1 How Agents Handle Controller Requests
9.8.2 Local Superuser Authorization
9.8.2.1 Delegation
9.8.3 Depot Registration and Daemon/Agent Security
9.9 Security Use Models
9.9.1 Security in Remote Distributions
9.9.2 Security in Local Distributions
9.9.2.1 Restricting Installation to Specific Target Systems by Specific Users
9.9.3 Security for Software Developers
9.10 Permission Requirements, by Command
9.10.1 Packaging (swpackage)
9.10.2 Listing (swlist)